Troubleshooting Q&A - January 19, 2006
Wi-Fi Authentication and Encryption Demystified
A curious reader eager to understand how wireless encryption and security works runs two scenarios by our columnist. Read on to find out if logical assumptions pan out in the world of Wi-Fi.
By Ron Pacchiano
Q. I've been using a wireless network for a few months. I don't know much about Wi-Fi (define) encryption and security, but I would like to get a better understanding so I can respond appropriately in certain situations. I have come up with couple of scenarios (based on what I know) to illustrate how I think the wireless devices would behave. If I'm incorrect in my assumptions, I was hoping that you could tell me why and explain what would actually happen. Here are my scenarios:
I've experimented with this a bit on my own and observed that the client PC will, in fact, connect to the AP, despite the fact that it doesn't have the proper WEP key. However, it doesn't seem to be able to send or receive any packets once it has been authenticated. I'll assume this is because of the incorrect WEP key, but if that is the problem, then why can it connect to the network at all?
So what do you think? Are my assumptions correct in these scenarios? I've been researching this online, but can't seem to find the answers anywhere. Thanks!
A. I'm sorry to have to tell you this, but you would be wrong in both situations. Let's take a look at the first scenario. Authentication is simply a way for the device to verify the identity of another device that's attempting to connect to it. So whether you're using open or shared authentication, the purpose is the same to authenticate a wireless client to the network-controlling device (in this case an access point). However, each of these techniques goes about this in a different way.
The difference between an open system and shared system authentication is that the shared system passes along additional information that could be used by a hacker to crack the WEP key. This is how it works: With a shared-key authentication process the AP sends challenge text to the client in clear text, and then the client encrypts it and sends it back to the AP. If someone were sniffing or monitoring your transmission while this was happening, they would be able to intercept a sample of plain text with its corresponding encrypted text. This gives the hacker a tremendous head start when attempting to break your encryption key because all of the information needed to perform the decryption is contained in these two pieces of data.
Conversely, the open network authentication system doesn't pass on any information to the client in plain text, just the corresponding encrypted text. By removing that information, the process of breaking your encryption key is far more difficult. Since WEP can be used with both authentication methods, an open system is the preferred encryption method to employ. Because it doesn't pass on any additional data about the key, it's considered to be more secure.
The reason you can't send or receive packets after it connects is because the client PC was never actually authenticated to the access point to begin with. It associated to it. The reason for your confusion is simple. Even though you have nonsimilar WEP keys, the two devices will still associate as that is the first step in establishing a connection. During the association no information other than challenge/request handshake passes between the devices. The challenge handshake is the beginning of the authentication process, and the only way the two devices will authenticate is if they both have the same encryption key. Because the client PC didn't have the corresponding WEP key, it was able to associate to the AP, but not authenticate against it.
This applies to your second scenario as well. Even though the AP no longer has encryption enabled and is, as you said, open, the client PC is still looking for encrypted traffic. So removing the WEP key from the AP will cause the information passing from one device to the other to no longer have the same credentials, causing communication to cease.
Truth be told, though, you really didn't need me to tell you this. Over the years, I've discovered that nothing is a better teaching tool than experience. You have all the hardware you need to test these scenarios on your own, so give it a try. Don't worry about anything. There is little chance of you permanently damaging anything. Experiment a little bit. You should have no problem confirming everything we discussed here. Have fun!
Use our feedback form to submit your questions on home or SOHO networking issues. Please be as specific as possible. We cannot guarantee to answer every question we get, but we’ll consider them all.
|Home | Networking | Backgrounders | Internet Sharing | Security | HowTo | Troubleshooting | Reviews | News | About | Jobs | Tools | Forums|